privacy@sharmannetworks.com
1 Attachment(s)
found this in my mail today - do they get criminal now - threatening people?
|
1 Attachment(s)
Sharman is going after everyone that's doing anything KaZaa related. They're located in a tax haven now and will do anything to anyone to make some $$$.
http://www.vanuatugovernment.gov.vu/ |
what are those attachments for? is/was that a part of the message?
please forward that message to me if its not too personal i'd like to have a look at it....i know how to examine headers to determine where it really came from :) harbynger1901@hotmail.com |
Hmmm....
Could be a hoax, are there any more clues in the full mail headers?
What's in the attachments? It's a bit strange for them to target you.. Nothing you have on your website is illegal. OK, you have links to KazaaLite, and you still have that iMorpheus page, but they should welcome sig2dat as a great enhancement to the FastTrack experience. |
hey, indy, just for "shits and giggles" i'm gonna send you a fake email through the kazaa client
i'll say something that will let you know its me. :) |
okay i just now tried the kazaa trick of sending anonymous email
it works differently when you have the email forwarded from KaZaA to hotmail instead of routing it through your own ISP If you use you own ISP it will show your loginname (that you use to logon or into the network if you are on dialup and using a certain ISP whom i won't name here) It will also show you isp provider the scary thing is it showing your loginname to the network (that should be kept private) and of course your ip address (the real one is revealed) so i do not recommend anyone use the email feature in KazAa that is concerned with their online privacy (its not really an anonymous remailer as "raven" off astalavista claims....because it shows the info i mentioned above) Gosh, the was a totally annoying waste of my time post but I've got a little (time) to waste so why not? bottom line: INdy don't worry you ain't dun nothin wrong :) |
i've got your mail harby.
okay i don't understand the mechanism - i only saw that home.bat is some windows program and the b_660400 is some other html with vbs script loading from brilliant digital. maybe the address is really a fake and it should show something, brilliant does to our computers. i didn execute anything so i don't know more - just deleted the whole bunch indy |
that's too bad indy, i would have saved that for evidence
might be handy and could probably learn some things from it as well. Usually if you use Norton Antivirus it will protect you from malicious vbs type scripting there is also another way i think that involved changing the file associations for .vbs extensions (in folder options...but i don't remember what application to use for opening them...my guess is notepad that way windows scripting host won't automatically execute the vbs code) Okay now if your email is like mine (free service similiar to hotmail) they store the mail sent to you on their server (webpage) and things you delete might even be saved in the deleted items folder so if you really want to get rid of it make sure you check there too and it would not hurt to delete free space on your drive using either Eraser or VoptXP (great disk defragger mulitpurpose utility) If you do have a copy in one of those folders....please zip it the bat file(s) programs and forward it to me for furthur analysis. Thanks, harbynger1901@hotmail.com |
sorry but i deleted it also from disk and yahoo trash.
but since your mail address is public now, maybe you get your own "privacy" copy :) indy |
Changing the Default Action for VBS Scripts to Edit
Hi guys-gals
This is my first post here. I found the following information in another post and filed it for future reference. " Changing the Default Action for VBS Scripts to Edit. You can change the default action for .VBS, .VBE, .JS, .JSE and .WSH files. When installed, these extensions are configured to default to 'Open'. If this default action is changed to 'Edit', scripts will open in a text editor instead of executing, which effectively renders them harmless. To change the default action for these three extensions: 1) Open up 'Windows Explorer' 2) Under the 'View' menu select 'Options…' or 'Folder Options…' 3) Single click on the 'File Types' tab 4) Scroll down the list until you find 'VBScript Script File'. Single click on it and click the 'Edit…' button 5) Where it says 'Actions' look for 'Edit'. Single click on it and then click the button that says 'Set Default' 6) Click the 'Close' button 7) Repeat steps 4-6 for 'VBScript Encoded Script File' (skip this step if it is not listed) 8) Repeat steps 4-6 for 'JScript Script File' 9) Repeat steps 4-6 for 'JScript Encoded Script File' 10) Repeat steps 4-6 for 'Windows Scripting Host Settings File' Now VBS scripts, which is how these virii are spreading, will just open harmlessly in notepad. Problem solved. After neutering the Script Files you can go to your shared folder and delete the little buggers!! " Credits: This clip was taken from another post, may be even from this forum, I apologize for not remembering from where, exactly. So if someone else recognize her-his post feel free to claim authorship. I'm just passing it around. This is as simple as effective a measure. I've done it, tested it, and worked like a charm. Hope it helps. |
Quote:
|
Never mind. Read that you the files.
The whole thing looks a bit hoaxy. No legal munbojumbo or threats asking you to remove stuff from your site? As far as I know they have been sending out emails with leagl mumbjumbo, not vbs attachments. If they are sending little bombs now, my guess would then be that they have $cientology lawyers working for them. lol |
Welcome, spstn
:beer:
Welcome to NU, spstn. Hope you enjoy your stay here and btw what an excellent introduction you made...that information was EXACTLY what i needed and wanted. Very much obliged (that's my way of saying "thank-you") for posting that :) -Harbynger (of d00m) |
Re: Changing the Default Action for VBS Scripts to Edit
Quote:
You never know when you post how many people you can help, sometimes months later... If you ever visited the old Morpheus Board you might have found it there... That was where I first posted it, although I have posted it at the old Zeropaid Forum and I am pretty sure I have posted it somewhere here as well... I found it somewhere else myself, but don't remember where... (For some reason I added this on my original Thank You gogostop for pointing me in the right direction) :PO: |
hi spstn, welcome to nu!:tu: thanks for dropping by. hope we see you again. :beer:
- js. |
Yep!
Quote:
:ND: - WELCOME, WELCOME!! :beer: :beer: |
I'm back...
Hi there...
Thank you all for such a heartwarming welcome. My apology to BuzzB2K because in taking the liberty to edit the original posting to fit the issue at hand here, I left out another interesting piece of advice: " I added .mp3.vbs to the blocklist of the search filter - seems it does also some job - get 0 results if i search for "mp3 vbs" indication for .mp3.vbs is, that · title=xyz.mp3 (because its not rcognised as audio) · artist=unknown · size small (11k, 9k) · downloadtime 0.0 good and simple thing (as mentioned on old morph and elsewhere." I would advice, also, to include as many implementations of this as fyle types you download. I've seen and even downloaded pictures and video files with double file extension like that. Coming back to the vbs issue and any other threat to the system, including massive crashes and viri infestation, I've been using a piece of software that ensures total impunity to virtually destroy your system and get away with it. The name is GoBack, a much, and I mean MUCH powerful version of system restore. In the rare occasion of a page fault or whatever causes a BSOD I go back 5 minutes and IT never happened. Caveat: The software has proven to be infalible to me, however requires a disciplined use of the way you produce work tha's written to your hard disk (read: everything). So if someone want to try it I have several pointers that could be useful to not learn the hard way like I did. In that case let me know and I'll post wherever is appropriate to do so. For the record: The ignoring of Sharman in my postings was intentional infliction of "cruel and unusual punishment" So I dixit. |
Quote:
Thank-you, harbynger :W: |
Re: I'm back...
Quote:
I'm interested. :tu: |
Quote:
Again, welcome to Napsterites spstn and I look forward to more helpfull posts from you in the future. :W: :tu: |
All times are GMT -6. The time now is 01:11 AM. |
Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
© www.p2p-zone.com - Napsterites - 2000 - 2024 (Contact grm1@iinet.net.au for all admin enquiries)